7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.3 High
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.004 Low
EPSS
Percentile
71.9%
A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka âHTTP.sys Denial of Service Vulnerability.â This affects Windows Server 2016, Windows 10, Windows 10 Servers.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_server_2016 | (Server Core installation) | cpe:2.3:o:microsoft:windows_server_2016:(Server Core installation):*:*:*:*:*:*:* |
microsoft | windows_10 | 32-bit Systems | cpe:2.3:o:microsoft:windows_10:32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1511 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1511 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1511 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1511 for x64-based Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1607 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1607 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1607 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1607 for x64-based Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1703 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1703 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1703 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1703 for x64-based Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1709 for 32-bit Systems | cpe:2.3:o:microsoft:windows_10:Version 1709 for 32-bit Systems:*:*:*:*:*:*:* |
microsoft | windows_10 | Version 1709 for x64-based Systems | cpe:2.3:o:microsoft:windows_10:Version 1709 for x64-based Systems:*:*:*:*:*:*:* |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.3 High
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.004 Low
EPSS
Percentile
71.9%